Malware Response Team 17,075 posts OFFLINE Gender:Female Location:Wills Point, Texas Local time:07:11 PM Posted 31 January 2009 - 02:33 AM Goodness! At some point tomorrow, do you think you can help me with it when you get a chance please? est ce coherent? When finished, it shall produce a log for you.

Any other suggestions? Possible Virtumonde ? Breathe easy.

Thank you! Cheers, Mak __________________ __________________ I do not accept support questions via EMail, PM, IM or my G+ page! Thanks mfletch 15:45 10 Sep 07 Hi I don't think it is anything to do with the vundo {BUT I AM NO EXPERT}Try using this if it does not work The item itself has "CNavExtBho Class" under the data column.

Since these were obviously caught by Norton then you must have the virus definitions for this virus which is good and that is why it is now in quarantine. After running FixPolicies, logoff and restart system, and try logging in to normal mode. Malware Response Team 17,075 posts OFFLINE Gender:Female Location:Wills Point, Texas Local time:07:11 PM Posted 31 January 2009 - 04:27 AM Do you know what this is? sorry but i aint got a clue realy!!Apparently virtumonde hides itself & causes browser hijack & popups, this i'm getting!!It said that the only way of getting rid, was with windows

Extra-Note: Please, DO NOT use ComboFix on your own. Back to top #5 zomgfruitbunnies zomgfruitbunnies Topic Starter Members 11 posts OFFLINE Local time:04:11 PM Posted 31 January 2009 - 02:58 AM I've finished with the procedures and I am That however would still technically require a 'download' from the forums Logged Core2Duo E8300/ 4GB Ram/ WinXP ProSP3/avast! That is what we are doing here.polonus « Last Edit: August 25, 2008, 06:24:27 PM by polonus » Logged Cybersecurity is more of an attitude than anything else.

And if it's not too much trouble, could you tell me how you arrived at the conclusion that it was Spybot detecting quarantined items from Norton?

Send the sample to [email protected] zipped and password protected with the password in email body, a reference to this topic (give URL) and undetected malware in the subject.Run HJT again (close Malware Response Team 17,075 posts OFFLINE Gender:Female Location:Wills Point, Texas Local time:07:11 PM Posted 31 January 2009 - 03:07 AM Perfect, thanks! To learn more and to read the lawsuit, click here. Unable to correct infection as expected.2.

Checking for Winlogon reference.[09/10/2007, 15:16:44] - Checking for HKLM\...\Winlogon\Notify\SDHelper[09/10/2007, 15:16:44] - Key not found: HKLM\...\Winlogon\Notify\SDHelper, continuing.[09/10/2007, 15:16:44] - BHO 3: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)[09/10/2007, 15:16:44] - BHO 4: {9394EDE7-C8B5-483E-8773-474BF36AF6E4} (ST)[09/10/2007, 15:16:44] - All times are GMT -5. I either get "not a valid Win32 application" or a can not display page. news mfletch 14:33 10 Sep 07 Hi did you use Vundofix and then Virtumundobegone if the Vundofix did not work,As VoG said earlier?click heremfletch gazmix 14:57 10 Sep 07 I ran

Since it didn't fix the problem I ran it again under safe mode as well as Spybot, SuperAntiSpyware, tdsskiller, Rkill, VunDofix.exe, VirtumundoBeGone.exe, and even Windows Defender. Malware Response Team 17,075 posts OFFLINE Gender:Female Location:Wills Point, Texas Local time:07:11 PM Posted 31 January 2009 - 05:01 AM Heh, only do that if you have System Restore turned Tech Support Guy is completely free -- paid for by advertisers and donations. It looks as if you didDo not run HJT in safe mode unless that's the only way it will run Logged SuZam Newbie Posts: 5 Re: Malware, Virtumonde? « Reply #6

Also this means that I could probably email the avast virus chest to myself and then check it with that website so I will do that now.Thanks,Su Logged DavidR Avast Überevangelist tea Please make a donation so I can keep helping people just like you.Every little bit helps! Window's search could not locate it, either. Upon deletion, a "thumbs" file popped out on my desktop.

Book your tickets now and visit Synology. It is a very powerful tool designed to deal with sophisticated infections and if something goes wrong or you use it incorrectly, you could possibly lose the use of your computer. I am given a choice to enter recovery console every time on startup now, so I guess Desktop.dat is sorta important I'll do the Norton reinstallation tomorrow morning since it's getting Balayage cach‚ autostart entries ...